Runes of Magic US / AU

The fact that the hacking still continues and that the person or persons doing it haven't been caught makes it seem that that companies that put out RoM have no clue what to do...Anytime a hacking event goes on for a prolong period of time and the people behind the hacked product have no idea who the perps are or how to stop them is a successful hack. Its the age of technology...there will always be cyber criminals that will crack for fun/personal gain/motive/revenge.

If you people that work for a multi million/billion dollar company are unable to provide guaranteed data security to paying customers, I highly suggest you rethink your position and the company's structure as a whole. Where is the dedicated anti-cyber crime team for RoM's parents??? Hmmm I guess not all company's invest in such people...

Here's an idea if the tech staff can't figure out what to do, hire people who can...

Quoted from "Archimedes419;525112"

My account got hacked last nite, and what was bad was i was logged in and playing at the time. It forced me offline like it has when i have forgotten i was logged in on one comp and log in on a different comp, so they had my log in info. I have never bought gold or dias from anyone, or given my account info to any1 either. My daughter's toon was also logged in at same time and i could watch myself and the hacker battle over who was going to be logged in on my account, kept showing me log on and off in guild chat. I play on the Reni server and my main is 70/70/66. Thankfully all the hacker got was my gold and not the gear i've worked on for months.

This is an interesting read, because this would imply they have stopped the auto-lock out based on 1 account being logged in by 2 different IPs. OR this would imply an inside job.

Quoted from "Dionaea;525329"

I do understand how aggravating it is for you and how easy it is to give in to panic or rage. You say not getting kicked when logged in twice is a tool to prevent your account from being hacked right under you while you already play. Granted, that it is. This is something i gladly forward.

This isnt good idea for now. I saw few players who logged back into game when hacker operating their account. In the end they saved their account with loss of 1k - 2.5k diamonds. If above option implemented it isnt possible to kick hacker out of the account and they can operate account until it was blocked by GM.

Quoted from "Dionaea;525368"

Accounts that changed passwords recently, a sign for keyloggers, but I am no tech.

To me this would sound more like a compromise of the website or server that handles password change. So, in a sense a keylogger, but on the website or server. Not saying that the affected players don't have keyloggers, but it would make more sense they'd have other issues. Such as problems with other online services they might use like banking, buying on the web, credit card information lost, etc etc.

Quoted from "bedwyr;525416"

To me this would sound more like a compromise of the website or server that handles password change. So, in a sense a keylogger, but on the website or server. Not saying that the affected players don't have keyloggers, but it would make more sense they'd have other issues. Such as problems with other online services they might use like banking, buying on the web, credit card information lost, etc etc.

Yeah we can rule out keylogger, logic dictates RoM would be the last priority, bank, and credit cards would be on the top of that list. "Oh I have access to your bank account, but screw that im spamming RoM!"

Quoted from "regentego;525418"

Yeah we can rule out keylogger, logic dictates RoM would be the last priority, bank, and credit cards would be on the top of that list. "Oh I have access to your bank account, but screw that im spamming RoM!"

by that logic can we rule out server side hack/crack? Wouldn't they go after credit card numbers instead of user/pass/2nd pass?

Questions for ROM

1)Can you be a bit more active when you get a ton of spam reports and block the spam?
2)Can you block certain key words like www. to make it harder to spam gold sites...atm I cant say cave without saying c.ave so I would think www. would be easy to block?
3) Can you give the power to silence players for spamming to a select few players on each server who are active and are willing to be punished if they abuse this power? The best resource you have are your players and they are under valued or used in my opinion.

I do know im getting used to clicking on report spam because of the world shouts way too often.

Yes i have been hacked (you probably saw being a fellow grimdal player) and thankfully i was contacted via text telling me i was being hacked. so i logged onto rom in about 30-60 mins since the hacking started, which kicked them off my account and i was able to see what the damage was... what was the damage? i had lost a little over 100 megaphones... thats it. My dias were untouched, gold intact, gear still there. Now i am waiting for frogster to reset my account (this happend on friday (saturday for me)) so im guessing that everything i've done on rom has been a waste of time since then. I am also pretty confident that it is just a bot or something hacking all these accounts; logs into x account, spams all megaphones, logs off, logs onto y account etc. in a never ending cycle....

Ok this is getting bad to worse!! 2 days back my friend account got scammed he traded his gear to other guy on the server and hes in a popular guild. And that guy said he will give his gears to him in a few and he didnt gave. But my friend got screenshots while trading and everything and he reported to frogster and they replied that they cant do anything about it even when he gave screenshots and everything and is that the answer u give to the ppl who gives their work hard money to u guys

Quoted from "grimoru;525444"

by that logic can we rule out server side hack/crack? Wouldn't they go after credit card numbers instead of user/pass/2nd pass?

As per the other thread on hacks,spam etc. From the GMS Frogster does not handle the credit card info and it is not on the servers. It is handled by Money Bookers a third party . So once again it appears to be a server side problem.

Your credit card or PayPal information is secure. Our billing department has no access to it. Kalvan

[COLOR=black !important]"Credit card transactions are handled by Money Bookers, a company similar to paypal, so the credit card info is not being handled by frogster! Your credit card info cannot be accessed through frogster, it has to be accessed through Money Bookers. Once you start a credit card transaction you are given the payment options. If you choose credit card you are carried to Money Bookers! It is as safe as using paypal! "

Sorry I couldn't get the colors from the GM's and Mentor's posts.

Those are the reasons that it can't be a player related problem, if there was a key logger on a players computer or a worm the last thing in the world they would take is a password to a free game. The only way there would be enough profit for a hacker to spend his time and money would be if he could get into the server and access hundreds or thousands of accounts at once. If you lost 50 million gold its only worth about $5 in real world money what hacker would waste his time to access that kind of account. It would be much cheaper in time and money to create an account buy a bunch of megaphones that to spend the time and money to hack an individual account. In order to make any profit in this game and the hackers are in this to make a profit you have to be able access many accounts at once without spending any time or money and you can't do that by spending the time to crack one accounts password then moving on to another account to try it again. ]
Reply Reply With Quote

Quoted from "grimoru;525444"

by that logic can we rule out server side hack/crack? Wouldn't they go after credit card numbers instead of user/pass/2nd pass?

As already stated, that's a third party that handles billing, frogster has nothing to do with that. Come on G you know this stuff!

Frequent change in account that spammed world chat shows that spammers are not using accounts that don't have large quantities of megas...

Quoted from "yoman9;525466"

Ok this is getting bad to worse!! 2 days back my friend account got scammed he traded his gear to other guy on the server and hes in a popular guild. And that guy said he will give his gears to him in a few and he didnt gave. But my friend got screenshots while trading and everything and he reported to frogster and they replied that they cant do anything about it even when he gave screenshots and everything and is that the answer u give to the ppl who gives their work hard money to u guys

Not sure if you know this, but this is irrelevant to the topic.

Im now convinced that Frogster or one of its partners has a security breach, or that a staff member has decided to sell account info. Anyone thinking this is a home computer security issue has their head in the clouds, there is nothing at all left to suggest that.

200+ accounts now hacked.

Quoted from "UncleMart;525570"

Im now convinced that Frogster or one of its partners has a security breach, or that a staff member has decided to sell account info. Anyone thinking this is a home computer security issue has their head in the clouds, there is nothing at all left to suggest that.

Merged threads again, we have one thread open for you to voice your concerns, we do not need several threads on this topic.

And UncleMart, I will continue to give you all the facts and information I have. And at this point, this information still is:

No security breach has been detected up to this point. Our investigation will continue.

Your suspicion is a rumor and no fact. I can not stop you from speculating, but still read our advices given in this thread and follow them anyways. It makes your accounts safer and it is something you can actively do on your side to improve the security of your account. We will continue on our side to do everything possible to ensure the security of your accounts and information. Every hacked account needs to contact our support for assistance.

If any new information comes up or the facts change, we will inform you. Please try not to panic, it is not helping the situation.

This is a new game called "Will your survive the hacks till Chapter 5" ???

Quoted from "UncleMart;525570"

Im now convinced that Frogster or one of its partners has a security breach, or that a staff member has decided to sell account info. Anyone thinking this is a home computer security issue has their head in the clouds, there is nothing at all left to suggest that.

I've seen the posting of one to two gold selling sites being spammed through those accounts. I can't imagine what gold selling site would think hacking accounts would be good for business. It seems as though someone is trying to get back at one or more of these sites while screwing players in the process. I still have a hard time believing its an addon or a keylogger from visiting sites myself, but shying away from conspiracy theories at the moment. It doesn't mean you aren't on to something though

New page has been created to document the people who have been hacked. If you need the link please feel free to send me a PM but i'm afraid the link won't be posted public.

Your PMs are disabled, UncleMarty.